1. Field
The present invention relates to a home network, and more particularly, to a method and apparatus of ensuring communication security between a control apparatus and a controlled apparatus in a home network.
2. Description of the Related Art
Due to developments in home network technology, various kinds of home devices can access digital information, and users can use services provided from a home network by using the various kinds of home devices.
However, without a secure framework, digital information including a user's personal data may be exposed to a malicious attacker. In general, a public key encryption system provides confidentiality and integrity, but distribution of keys is vulnerable to the man-in-the-middle attack if there is no trusted third party.
In general, since a home network does not depend on an infrastructure controlled by a central administration but is dynamically set up, it is necessary to implement a key distribution scheme without assuming there is a trusted third party.
For example, a Control Point (CP) entering from outside of a home network should not be allowed to unrestrictedly use services provided from all home devices in the home network based on a Universal Plug and Play (UPnP) network.